This patch implements the -u and -g options for lxc-attach, which allow the user to request a specific user id and group id to switch to when attaching to a container.
NOTE: DO NOT APPLY THIS PATCH JUST YET, THERE ARE SECURITY IMPLICATIONS THAT HAVE TO BE CONSIDERED BEFORE DOING SO. THIS IS JUST A DRAFT.
---
 src/lxc/lxc_attach.c | 52 +++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 51 insertions(+), 1 deletion(-)

diff --git a/src/lxc/lxc_attach.c b/src/lxc/lxc_attach.c
index 6095b54..d39f5db 100644
--- a/src/lxc/lxc_attach.c
+++ b/src/lxc/lxc_attach.c
@@ -26,6 +26,7 @@
 #include <errno.h>
 #include <pwd.h>
 #include <stdlib.h>
+#include <limits.h>
 #include <sys/param.h>
 #include <sys/types.h>
 #include <sys/socket.h>
@@ -55,6 +56,8 @@ static const struct option my_longopts[] = {
 {"arch", required_argument, 0, 'a'},
 {"namespaces", required_argument, 0, 's'},
 {"remount-sys-proc", no_argument, 0, 'R'},
+ {"uid", required_argument, 0, 'u'},
+ {"gid", required_argument, 0, 'g'},
 LXC_COMMON_OPTIONS
 };
 
@@ -62,10 +65,13 @@ static int elevated_privileges = 0;
 static signed long new_personality = -1;
 static int namespace_flags = -1;
 static int remount_sys_proc = 0;
+static long requested_uid = -1;
+static long requested_gid = -1;
 
 static int my_parser(struct lxc_arguments* args, int c, char* arg)
 {
 int ret;
+ char *endptr;
 
 switch (c) {
 case 'e': elevated_privileges = 1; break;
@@ -85,6 +91,24 @@ static int my_parser(struct lxc_arguments* args, int c, char* arg)
 /* -s implies -e */
 elevated_privileges = 1;
 break;
+ case 'u':
+ endptr = NULL;
+ requested_uid = strtol(arg, &endptr, 10);
+ if (requested_uid < 0 || requested_uid == LONG_MAX ||
+ !endptr || *endptr || !*arg) {
+ lxc_error(args, "invalid user id specified: %s", arg);
+ return -1;
+ }
+ break;
+ case 'g':
+ endptr = NULL;
+ requested_gid = strtol(arg, &endptr, 10);
+ if (requested_gid < 0 || requested_gid == LONG_MAX ||
+ !endptr || *endptr || !*arg) {
+ lxc_error(args, "invalid group id specified: %s", arg);
+ return -1;
+ }
+ break;
 }
 
 return 0;
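Review bot: The range check on the added `case 'u'` and `case 'g'` lines accepts any non-negative value below LONG_MAX, but main() later narrows the result with `(uid_t) requested_uid` / `(gid_t) requested_gid`; on a 64-bit Linux build, where long is 64-bit and uid_t is 32-bit, `-u 4294967296` passes validation and silently becomes uid 0 after truncation. Reject anything the narrowing would alter, e.g. replace the `requested_uid < 0 || requested_uid == LONG_MAX ||` line with `if (requested_uid < 0 || (long) (uid_t) requested_uid != requested_uid ||` and do the same with gid_t in the group branch. The `== LONG_MAX` test is standing in for an overflow check; setting `errno = 0` before strtol() and testing `errno == ERANGE` is the documented way to detect it, and errno.h is already included. my_parser's opening lines lie in the previous hunk.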
@@ -116,7 +140,10 @@ Options :\n\
 Remount /sys and /proc if not attaching to the\n\
 mount namespace when using -s in order to properly\n\
 reflect the correct namespace context. See the\n\
- lxc-attach(1) manual page for details.\n",
+ lxc-attach(1) manual page for details.\n\
+ -u, --uid=UID setuid(UID) when entering the container\n\
+ -g, --gid=GID setgid(GID) when entering the container\n",
+
 .options = my_longopts,
 .parser = my_parser,
 .checker = NULL,
@@ -425,6 +452,12 @@ int main(int argc, char *argv[])
 */
 (void) lxc_attach_get_init_uidgid(&init_uid, &init_gid);
 
+ /* if the user whished for different credentials, use them */
+ if (requested_uid != -1)
+ init_uid = (uid_t) requested_uid;
+ if (requested_gid != -1)
+ init_gid = (gid_t) requested_gid;
+
 /* try to set the uid/gid combination */
 if (setgid(init_gid)) {
 SYSERROR("switching to container gid");
@@ -434,6 +467,23 @@ int main(int argc, char *argv[])
 SYSERROR("switching to container uid");
 return -1;
 }
+ } else {
+ /* by default, with no user namespaces, we don't need
+ * setgid()/setuid(), but we should use them if explicitly
+ * requested
+ */
+ if (requested_gid != -1) {
+ if (setgid((gid_t) requested_gid)) {
+ SYSERROR("switching to container gid");
+ return -1;
+ }
+ }
+ if (requested_uid != -1) {
+ if (setuid((uid_t) requested_uid)) {
+ SYSERROR("switching to container uid");
+ return -1;
+ }
+ }
 }
 
 if (my_args.argc) {
-- 
1.7.10.4

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_feb
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
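Review bot: The added override in the user-namespace branch does not say which namespace the requested numbers belong to: they replace what lxc_attach_get_init_uidgid() returned and are then handed to setgid()/setuid(), so presumably they are container-namespace ids rather than host ids, which matters because `-u 0` would then mean container root. Suggest replacing the added comment (which also misspells "wished") with `/* -u/-g override the ids read from the container's init; they are interpreted in the container's user namespace, not the host's */`. main() starts and ends outside the hunk.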
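Review bot: The new else branch calls setgid()/setuid() but never clears the supplementary group list, so a caller asking for an unprivileged uid still carries the attaching process's supplementary groups (typically host root's) into the container; the user-namespace branch just above has the same gap. Add `if (setgroups(0, NULL)) { SYSERROR("clearing supplementary groups"); return -1; }` before the first setgid() in both branches; this needs `<grp.h>` and must run while CAP_SETGID is still held, i.e. before setuid(). How -e (elevated privileges) should combine with -u is also undecided here: setuid() to a non-zero uid normally drops capabilities, which may or may not be what -e callers expect, and is presumably part of the security caveat in the cover note. main() starts and ends outside the hunk.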